Hacking victims double-dipped

IT never rains but it pours for clients of Stratfor, the US security firm whose website was compromised at the weekend by members of the anarchic computer-hacking group Anonymous.

Victims of the attack, mostly employees of major companies or agencies which use Stratfor's services, learnt at Christmas that their names, addresses and credit card details had been published online.

Now it has emerged that those who spoke to the media about the experience, which typically saw their accounts used to make large donations to major charities, have been targeted a second time by hackers.

In a statement on its Facebook page yesterday, Stratfor said that individuals who stick their heads above the parapet "may be targeted for doing so and are at risk of having sensitive information repeatedly published on other websites".

The warning came after Anonymous used another website to mock victims who spoke to the Associated Press about their experience. Its message poked fun at someone who had criticised the hacking on Facebook, saying: "We went ahead and ran up your card a bit."

Stratfor, which is based in Texas, provides political, economic and military analysis that helps customers to reduce their exposure to risk. Clients of the firm include hundreds of major companies and government organisations. Their identities were made public in a series of postings from Twitter accounts linked to Anonymous.

Despite being a security firm, Stratfor appears to have failed to take basic steps to encrypt customer data. A spokesman declined to comment on that issue, citing a pending criminal investigation.